[Gllug] SeLinux and Xinetd & Rsync

Alain Williams addw at phcomp.co.uk
Wed May 16 20:24:39 UTC 2007


On Wed, May 16, 2007 at 08:30:49PM +0100, Stuart Sears wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Alain Williams wrote:
> > Summary: SeLinx stops rsync reading /etc/rsyncd.conf
> > 
> > I installed my system and needed rsync. I created a suitable
> > /etc/rsyncd.conf (mode 644, owner root:root) and turned on rsync: 
> > chkconfig rsync on (and restarted xinetd for good measure).
> > 
> > Whenever I try to do an rsync from another machine I get the
> > following in /var/log/messages: May 13 23:09:18 gateway
> > rsyncd[11327]: rsync: unable to open configuration file
> > "/etc/rsyncd.conf": Permission denied (13) May 13 23:09:18 gateway
> > rsyncd[11327]: rsync error: syntax or usage error (code 1) at
> > clientserver.c(741) [receiver=2.6.8]
> > 
> > If I type: setenforce 0 it works fine .... so the problem is SELinux.
> > I would like to leave SELinux on, but how do I get rsync to work ?
> avc messages?
> they'll be in /var/log/messages or /var/log/audit/audit.log
> this will at least help work out what the issue is exactly...
> 
> although the error may suggest that /etc/rsyncd.conf is mislabeled
> so, as well as the error logs, the output of
> ls -Z /etc/rsyncd.conf
> and
> semanage fcontext -l | grep rsync
> could help here

/etc/rsyncd.conf did not already exist, so I just made my own. I did not label it.

What seems relevant in /var/log/audit/audit.log:
	type=AVC msg=audit(1179080167.711:720): avc:  denied  { read } for  pid=10312 comm="rsync" name="rsyncd.conf" dev=dm-0 ino=67420 scontext=user_u:system_r:rsync_t:s0 tcontext=user_u:object_r:tmp_t:s0 tclass=file
	type=SYSCALL msg=audit(1179080167.711:720): arch=40000003 syscall=5 success=no exit=-13 a0=bfb84530 a1=8000 a2=1b6 a3=9ebfa28 items=0 ppid=9946 pid=10312 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="rsync" exe="/usr/bin/rsync" subj=user_u:system_r:rsync_t:s0 key=(null)

# ls -Z /etc/rsyncd.conf
-rw-r--r--  root root user_u:object_r:tmp_t            /etc/rsyncd.conf
# semanage fcontext -l | grep rsync
/srv/([^/]*/)?rsync(/.*)?                          all files          system_u:object_r:public_content_t:s0
/usr/bin/rsync                                     regular file       system_u:object_r:rsync_exec_t:s0


None of which leaves me much the wiser, how do I label /etc/rsyncd.conf & what do I label it as ?

I must say that I feel ignorant as to how this all works, is there a readable & practical intro that you could recommend ?

I tried (wild guess) to fix thus:
	semanage fcontext -a -t rsync_exec_t /etc/rsyncd.conf
but it made no difference.

Thanks

-- 
Alain Williams
Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
#include <std_disclaimer.h>
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list